To work around persistent GitHub bugs we have had the past few years related
to setting the member privilege level for many of our organizations to not
allow members to create repos, we are exploring this new opt-in only feature
flag called "direct new repo lockdown" that will help us to try and experiment
a way to allow our members to directly create repos.
The current prototyping design of this feature is:
1. if a repo is created by a GitHub App (a bot) or an approved system operations account, or the existing new repo workflow, no-op
2. if a repo is created by a member of the GitHub org, the repo is "locked down" - removing their collaborator and team permissions - and they are sent an e-mail asking them to complete the new repo setup by entering into our existing internal wizard for that.
The feature flag must be enabled in 2 places:
1. the app itself must opt in to the feature being available
2. an organization setting must opt in to the feature via configuration
This system requires a few specific parts of the monolithic app to
function: the use of a repository metadata provider (Postgres is what
we are using) to store additional source-of-truth data for a repo,
and also connecting to webhooks either through an org-level webhook
or a GitHub App that has a configured hook.
- Enables GitHub App-based server-to-server communication
- Enables dynamic (database-backed) organization setting configuration
- QueryCache system, when paired with a Postgres database and GitHub App webhooks keeps teams, repo lists, etc. up-to-date more efficiently than the older GitHub REST API-based method
- Various bug fixes
- Entities (links, join requests, repo metadata) refactored
- Entities can be stored in Postgres, Azure Table, or memory
- Introduces a quickstart memory provider mode
- Evolution of more classes and methods to ES6, await/async, TypeScript typings
- Updates of package versions
Major updates to the application, including some minor breaking changes.
The public updates (that make it less Microsoft-specific) are still in
development; this represents trying to get it ready for updates.
This will enforce a couple of code conventions
(indentation: 2 spaces, \n for EOL, utf-8 charset)
similar to .vscode/settings.json, but with the
EditorConfig format (https://editorconfig.org/)
which is supported by most major IDEs.
Jeff Wilcox
Marco Franssen
Vatsalya Goel
dependabot[bot]
Jeff Wilcox
Jeff Wilcox
Roman Fritsch
Jonas Scholl
Eirik